[MUD-Dev] TECH: Trusting Network Clients
Ian Macintosh
iman at issystems.co.nz
Tue Aug 27 22:12:58 CEST 2002
Fox McCloud wrote on Tuesday, 27 August 2002 15:37
> I came across the question to trust the client data or not.
As previously said on this list (by Raph I think), you need to think
of the client in the terms of it being 'in the hands of the enemy'.
That is *exactly* how you must think.
> Of course it would be secure if the server just does *everything*
> but I think this would afford a tremendously server power.
In general, the most processor intensive functions revolve around
GUI. Your server computes the game state only.
> Well otherwise people could manipulate the data easily, so where's
> the border line, what data should you allow the client to process?
> Any reommendations?
You do any calculation related to display (ie, doesn't affect actual
game context) on the client.
Simple example:
Server -> Client : 0x01 0x08 0x13
where 0x01 = GUI command
and 0x08 = display shield blocking movement
and 0x13 = shield block is to upper left quadrant, 45 degree angle
The client decodes, then loads the correct sprites/scripts into the
GUI execution pipeline, loads associated sounds, times and executes
it.
Or even simpler:
Server -> Client : 0x01 0x02
where 0x02 = display blocked attack
And the client randomly decides on what blocking movement to
perform. This alleviates the server from having to decide (save a
few hundred CPU cycles). If you stick two client screens side by
side, you'll see differing renditions of how the current 'game
state' came into being. You'll probably even hear different sounds,
one randomly deciding to block with a shield, and the other with the
equiped weapon.
You should get the gist from that.
Regards,
Ian.
_______________________________________________
MUD-Dev mailing list
MUD-Dev at kanga.nu
https://www.kanga.nu/lists/listinfo/mud-dev
More information about the mud-dev-archive
mailing list